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CLAIMS 

1. A method of monitoring and controlling data transfer between a user 
terminal coupled to a first communication network and a second 
communication network via a gateway and a firewall, said metliod 
including the steps of: 

sending an access request to said gateway from said user terminal 
requiring access to said second communication network; 
said gateway reading said access request; 

modifying at least one access rule in said firewall to pemiit access for 
said user temilnal requesting access based on an authenticated IP 
address of said user terminal requesting access; 

monitoring simultaneously at said firewall the transfer of data between 
said usertemriinal and said second communication network; and 
dynamically controlling in real time bandwidth available to said user 
terminal. 

2. The method of claim 1. wherein said dynamic control of bandwidth 
available to said user terminal occurs whilst maintaining corrimunicatlon 
of said user terminal with said second communication network. 

3. The method of claim 1, wherein a restricted bandwidth is allocated to a 
single user terminal. 

4. The method of claim 1. wherein a restricted bandwidth Is shared 
between a plurality of user terminals. 
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5. The method of claim 1. wherein bandwidth is restricted for uploading 
data and/or downloading data. 

6. The method of claim 1. wherein a restricted bandwidth is allocated to 
one or more temiinals for a prescribed time period. 

7. The method of claim 1. wherein a restricted bandwidth is allocated to 
one or more temiinals on the basis of a priority status allocated to the 
one or more terminals or a user account. 

8. The method of claim 1. wherein the IP address of a user temiinal is 
authenticated on the basis that the user terminal has previously been 
authenticated by the gateway using an encryption/decryption process. 

9. The method of claim 1. further including the step of monitoring ail ports 
of access of said user tenninal. 

10. The method of claim 1. further including the step of enabling and/or 
disabling one or more ports of access of a user temiinal. 

1 1 .The method of claim 1 . further including the step of controlling access of 
a user temiinal to the second communication networi< from a 
management temiinal coupled to the first communication network. 
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12.The method of claim 1, further including the step of monitoring a period 
of time a user temiinal has access to the second communication 
networlc. 

1.3. The method of claim 1. further including the step of monitoring a 
quantity of data a user terminal uploads and/or downloads. 



14. The method of claim 1. further including the step of monitoring a cost to 
a user of their user tenninal having access to the second communication 

10 network. 

15. A system for monitoring and controlling data transfer in communication 
networks, said system comprising: 

one or more user temrilnals coupled to a first communication networi<; 
15 a second communication network coupled to said first communication 

network via a gateway and a firewall; 

wherein said firewall simultaneously monitors transfer of data between 
said one or more user terminals and said second communication 
networi< for said user temninals having an authenticated IP address that 
20 has access to said second communication networic and dynamically 

controls in real time bandwidth available to said one or more user 
terminals. 

16. The system of claim 15, wherein a single machine comprises both the 
25 gateway and the firewall. 
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17. The system of claim 15. wherein the firewall is in a different machine 
from the gateway. 

18. The system of claim 15. wherein authentication of the IP address is 
canied out by the gateway. 

19. The system of claim 18. wherein authentication employs an 
encryption/decryption process to authenticate a remote terminal. 

20. The system of claim 15. wherein the firewall simultaneously monitors all 
ports of access of one or more of said user tenninals. 

21. The system of claim 15. wherein a restricted bandwidth is allocated to a 
single user tenninal. 

22. The system of claim 15. wherein a restricted bandwidth is shared 
between a plurality of user terminals. 

23. The system of claim 15. wherein a restricted bandwidth is allocated to a 
user account. 

24. The system of claim 15, wherein bandwidth is restricted for uploading 
data and/or downloading data. 



AMENDED SHEET 



Received 20 July 2004 

25 

25. The system of claim 16, wherein said dynamic control of bandwidth 
available to said one or more user temiinals occura whilst maintaining 
communication of said one or more user temiinals with said second 
communication network. 

26. A gateway for monitoring and controlling data transfer In communication 
networks, said gateway comprising: 

a firewall for pemriitting access to a second communication networi< 
for one or more user temiinals coupled to a first communication networi< 
having an authenticated IP address; 

wherein said gateway monitors simultaneously at said firewall 
transfer of data between said one or more user terminals and said 
second communication networi< and dynamically controls In real time 
bandwidth available to said one or more user terminals. 

27. The gateway of claim 26. wherein the firewall simultaneously monitors 
all ports of access of one or more of said user terminals. 

28. The gateway of claim 26, wherein the dynamic control of bandwidth 
available to said one or more user temiinals occurs whilst maintaining 
communication of said one or more user temiinals with said second 
communication network. 

29. The gateway of claim 26. further comprising means for enabling and/or 
disabling one or more ports of access to each user terminal. 
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